Annotation of www/errata25.html, Revision 1.1
1.1 ! deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
! 2: <html>
! 3: <head>
! 4: <title>OpenBSD release errata</title>
! 5: <link rev=made href=mailto:www@openbsd.org>
! 6: <meta name="resource-type" content="document">
! 7: <meta name="description" content="the OpenBSD CD errata page">
! 8: <meta name="keywords" content="openbsd,cd,errata">
! 9: <meta name="distribution" content="global">
! 10: <meta name="copyright" content="This document copyright 1997-1998 by OpenBSD.">
! 11: </head>
! 12:
! 13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
! 14:
! 15: <img alt="[OpenBSD]" height=30 width=141 SRC="images/smalltitle.gif">
! 16: <h2><font color=#0000e0>
! 17: This is the OpenBSD 2.5 release errata & patch list:
! 18:
! 19: </font></h2>
! 20:
! 21: <hr>
! 22: <a href=errata21.html>For 2.1 errata, please refer here</a>.<br>
! 23: <a href=errata22.html>For 2.2 errata, please refer here</a>.<br>
! 24: <a href=errata23.html>For 2.3 errata, please refer here</a>.<br>
! 25: <a href=errata24.html>For 2.4 errata, please refer here</a>.<br>
! 26: <a href=errata.html>For 2.6 errata, please refer here</a>.<br>
! 27: <hr>
! 28:
! 29: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5.tar.gz>
! 30: You can also fetch a tar.gz file containing all the following patches</a>.
! 31: This file is updated once a day.
! 32:
! 33: <hr>
! 34:
! 35: <dl>
! 36: <a name=all></a>
! 37: <li><h3><font color=#e00000>All architectures</font></h3>
! 38: <ul>
! 39: <a name=cron></a>
! 40: <li><font color=#009000><strong>SECURITY FIX: Aug 30, 1999</strong></font><br>
! 41: In cron(8), make sure argv[] is NULL terminated in the fake popen() and
! 42: run sendmail as the user, not as root.
! 43: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/012_cron.patch>
! 44: A source code patch exists which remedies this problem.</a>
! 45: <p>
! 46: <a name=miscfs></a>
! 47: <li><font color=#009000><strong>SECURITY FIX: Aug 12, 1999</strong></font><br>
! 48: The procfs and fdescfs filesystems had an overrun in their handling
! 49: of uio_offset in their readdir() routines. (These filesystems are not
! 50: enabled by default).
! 51: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/011_miscfs.patch>
! 52: A source code patch exists which remedies this problem.</a>
! 53: <p>
! 54: <a name=profil></a>
! 55: <li><font color=#009000><strong>SECURITY FIX: Aug 9, 1999</strong></font><br>
! 56: Stop profiling (see profil(2)) when we execve() a new process.
! 57: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/010_profil.patch>
! 58: A source code patch exists which remedies this problem.</a>
! 59: <p>
! 60: <a name=ipsec_in_use></a>
! 61: <li><font color=#009000><strong>SECURITY FIX: Aug 6, 1999</strong></font><br>
! 62: Packets that should have been handled by IPsec may be transmitted
! 63: as cleartext. PF_KEY SA expirations may leak kernel resources.
! 64: <a
! 65: href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/009_ipsec_in_use.patch>
! 66: A source code patch exists which remedies this problem.</a>
! 67: <p>
! 68: <a name=rc></a>
! 69: <li><font color=#009000><strong>SECURITY FIX: Aug 5, 1999</strong></font><br>
! 70: In /etc/rc, use mktemp(1) for motd re-writing, and change the find(1)
! 71: to use -execdir.
! 72: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/008_rc.patch>
! 73: A source code patch exists which remedies this problem.</a>
! 74: <p>
! 75: <a name=chflags></a>
! 76: <li><font color=#009000><strong>SECURITY FIX: Jul 30, 1999</strong></font><br>
! 77: Do not permit regular users to chflags(2) or fchflags(2) on character or
! 78: block devices which they may currently be the owner of.
! 79: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/007_chflags.patch>
! 80: A source code patch exists which remedies this problem.</a>
! 81: <p>
! 82: <a name=nroff></a>
! 83: <li><font color=#009000><strong>SECURITY FIX: Jul 27, 1999</strong></font><br>
! 84: Cause groff(1) to be invoked with the -S flag, when called by nroff(1),
! 85: to avoid various groff features which may be security issues. On the
! 86: whole, this is not really a security issue, but it was discussed on
! 87: BUGTRAQ as if it is.
! 88: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/006_nroff.patch>
! 89: A source code patch exists which remedies this problem.</a>
! 90: <p>
! 91: <a name=fts></a>
! 92: <li><font color=#009000><strong>RELIABILITY FIX: May 19, 1999</strong></font><br>
! 93: Programs using fts(3) could dump core when given a directory structure
! 94: with a very large number of entries.
! 95: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/005_fts.patch>
! 96: A source code patch exists which remedies this problem.</a>
! 97: <p>
! 98: <a name=tcpsack></a>
! 99: <li><font color=#009000><strong>RELIABILITY FIX: May 19, 1999</strong></font><br>
! 100: Sequence numbers could wrap with TCP_SACK and TCP_NEWRENO, resulting in
! 101: failure to retransmit correctly.
! 102: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/004_tcpsack.patch>
! 103: A source code patch exists which remedies this problem.</a>
! 104: <p>
! 105: <a name=ipsec1></a>
! 106: <li><font color=#009000><strong>RELIABILITY FIX</strong></font><br>
! 107: Retransmitted TCP packets could get corrupted when flowing over an
! 108: IPSEC ESP tunnel.
! 109: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/003_espdata.patch>
! 110: A source code patch exists which remedies this problem.</a>
! 111: <p>
! 112: <a name=bmap></a>
! 113: <li><font color=#009000><strong>RELIABILITY FIX</strong></font><br>
! 114: A local user can crash the system by reading a file larger than 64meg
! 115: from an ext2fs partition.
! 116: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/002_bmap.patch>
! 117: A source code patch exists which remedies this problem.</a>
! 118: <p>
! 119: <a name=pfkey></a>
! 120: <li><font color=#009000><strong>RELIABILITY FIX</strong></font><br>
! 121: PF_KEY socket operations leak internal kernel resources, so that a
! 122: system running an IPsec keymanagement daemon like photurisd or isakmpd
! 123: will cause the networking subsystem to stop working after a finite amount
! 124: of time.
! 125: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/001_pfkey.patch>
! 126: A source code patch exists which remedies this problem.</a>
! 127: </ul>
! 128: <p>
! 129: <a name=i386></a>
! 130: <li><h3><font color=#e00000>i386</font></h3>
! 131: <ul>
! 132: <li>No problems identified yet.
! 133: </ul>
! 134: <p>
! 135: <a name=mac68k></a>
! 136: <li><h3><font color=#e00000>mac68k</font></h3>
! 137: <ul>
! 138: <a name=macutils></a>
! 139: <li><font color=#009000><strong>INSTALL PROBLEM</strong></font><br>
! 140: The mac68k install utils were mistakenly left off the CD and out of
! 141: the FTP install directories. These tools have now been added to the
! 142: FTP install directories. See
! 143: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/2.5/mac68k/utils>
! 144: ftp://ftp.openbsd.org/pub/OpenBSD/2.5/mac68k/utils</a>
! 145: <p>
! 146: </ul>
! 147: <p>
! 148: <a name=sparc></a>
! 149: <li><h3><font color=#e00000>sparc</font></h3>
! 150: <ul>
! 151: <li>No problems identified yet.
! 152: </ul>
! 153: <p>
! 154: <a name=amiga></a>
! 155: <li><h3><font color=#e00000>amiga</font></h3>
! 156: <ul>
! 157: <li>No problems identified yet.
! 158: </ul>
! 159: <p>
! 160: <a name=pmax></a>
! 161: <li><h3><font color=#e00000>pmax</font></h3>
! 162: <ul>
! 163: <li>No problems identified yet.
! 164: </ul>
! 165: <p>
! 166: <a name=arc></a>
! 167: <li><h3><font color=#e00000>arc</font></h3>
! 168: <ul>
! 169: <li>No problems identified yet.
! 170: </ul>
! 171: <p>
! 172: <a name=alpha></a>
! 173: <li><h3><font color=#e00000>alpha</font></h3>
! 174: <ul>
! 175: <li>No problems identified yet.
! 176: </ul>
! 177: <p>
! 178: <a name=hp300></a>
! 179: <li><h3><font color=#e00000>hp300</font></h3>
! 180: <ul>
! 181: <li>No problems identified yet.
! 182: </ul>
! 183: <p>
! 184: <a name=mvme68k></a>
! 185: <li><h3><font color=#e00000>mvme68k</font></h3>
! 186: <ul>
! 187: <li>No problems identified yet.
! 188: </ul>
! 189: <p>
! 190: <a name=powerpc></a>
! 191: <li><h3><font color=#e00000>powerpc</font></h3>
! 192: <ul>
! 193: <a name=powerpc_trap></a>
! 194: <li><font color=#009000><strong>RELIABILITY FIX</strong></font><br>
! 195: Two problems in the powerpc kernel trap handling cause severe system
! 196: unreliability.
! 197: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/powerpc/001_trap.patch>
! 198: A source code patch exists which remedies these problems.</a>
! 199: <p>
! 200: </ul>
! 201:
! 202: </dl>
! 203: <br>
! 204:
! 205: <hr>
! 206: <a href=errata21.html>For 2.1 errata, please refer here</a>.<br>
! 207: <a href=errata22.html>For 2.2 errata, please refer here</a>.<br>
! 208: <a href=errata23.html>For 2.3 errata, please refer here</a>.<br>
! 209: <a href=errata24.html>For 2.4 errata, please refer here</a>.<br>
! 210: <a href=errata.html>For 2.6 errata, please refer here</a>.<br>
! 211: <hr>
! 212:
! 213: <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
! 214: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
! 215: <br><small>$OpenBSD: errata.html,v 1.197 1999/09/26 13:00:42 deraadt Exp $</small>
! 216:
! 217: </body>
! 218: </html>